SSL connection to Mysql DB
Hello,
After a lot of research, I can't find anything that's really working about this topic.
I found this: https://glpi.userecho.com/communities/1/topics/824-ssl-connection-to-mysql-db and this https://github.com/glpi-project/glpi/pull/5892 among other links and there's this precision in installation instructions
"
SSL connection to database
New in version 9.5.0.
Once installation is done, you can update the config/config_db.php
to define SSL connection parameters. Available parameters corresponds to parameters used by mysqli::ssl_set():
$dbssl
defines if connection should use SSL (false per default)$dbsslkey
path name to the key file (null per default)$dbsslcert
path name to the certificate file (null per default)$dbsslca
path name to the certificate authority file (null per default)$dbsslcapath
pathname to a directory that contains trusted SSL CA certificates in PEM format (null per default)$dbsslcacipher
list of allowable ciphers to use for SSL encryption (null per default)
"
However, it doesnt work in my case and I can't for the life of me find out why. I have the following errors with the params supplied:
[Thu Apr 20 13:18:20.433141 2023] [php:warn] [pid 26913] [client XXXXX:50904] PHP Warning: mysqli::real_connect(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /var/www/html/glpi/src/DBmysql.php on line 253, referer: http://XXXXX/glpi/front/central.php
[Thu Apr 20 13:18:20.433320 2023] [php:warn] [pid 26913] [client XXXXX:50904] PHP Warning: mysqli::real_connect(): Cannot connect to MySQL by using SSL in /var/www/html/glpi/src/DBmysql.php on line 253, referer: http://XXXXX/glpi/front/central.php
[Thu Apr 20 13:18:20.433409 2023] [php:warn] [pid 26913] [client XXXXX:50904] PHP Warning: mysqli::real_connect(): (HY000/2002): (trying to connect via (null)) in /var/www/html/glpi/src/DBmysql.php on line 253, referer: http://XXXXX/glpi/front/central.php
However, a simple php code works with SSL on this same machine so no networking problem or cert problem or username/passwd problem:
<?php
$conn = mysqli_init();
mysqli_ssl_set($conn,NULL,NULL, "/var/www/html/glpi/config/CertName.crt.pem", NULL, NULL);
mysqli_real_connect($conn, 'ServerName', 'Username', 'password', 'DBname', Port, MYSQLI_CLIENT_SSL);
if (mysqli_connect_errno()) {
die('Failed to connect to MySQL: '.mysqli_connect_error());
}
Can anyone tell me IF it really works, and if there's an example somewhere of someone that managed to make it work for real? I couldn't find any.
Thanks in advance.
Customer support service by UserEcho